Operating the Australian Government Crisis Coordination Centre and National Security
Hotline

Working with Australian Government entities and the telecommunications industry to
effectively implement data retention obligations

Implementing a National Facial Biometric Matching Capability

Operating the Computer Emergency Response Team to provide a more secure digital
economy

Developing initiatives to divert individuals from radicalising to violent extremism and
prevent individuals from engaging in or supporting terrorism in Australia or overseas

Maintaining an effective counter-terrorism capability nationally.

PERFORMANCE MEASURES

RESULT

KPI 1: Our community impactMeasure: Community satisfaction with and
awareness of national security strategies

While not a comprehensive measure of the
community impact of all our national security
strategies, we note that during the reporting
period there were 26,500 contacts from the
community with the National Security Hotline,
CERT Australia responded to 14,445 incidents
and the Countering Violent Extremism Centre
undertook numerous community engagement
programmes.

KPI 2: Our effectiveness in achieving objectivesMeasure: Stakeholder and client satisfaction
with the effectiveness of the department’s
contribution to national security

Stakeholder survey indicated 87% of
respondents were satisfied.

KPI 3: Our efficiency in meeting goalsMeasure: Total instances of national security policy advice, programme work and legislative change that are on time, within budget and meet requirements

Analysis

The department delivered many important initiatives this year to meet the increasing level of
potential threats to Australia’s people, infrastructure, technologies, businesses and government
agencies. Many of these initiatives involved working with multiple Commonwealth, state and
territory agencies, community groups and international governments or organisations. Our
stakeholders’ high level of satisfaction in our effectiveness in achieving objectives (87 per cent)
and our professionalism, skills and commitment (92 per cent) reflects the department’s efficacy
in assisting our stakeholders in their work.

Other key results from our stakeholder survey indicate high satisfaction levels with how the
department focuses on the important issues to government (91 per cent), clearly delineates
responsibilities between the department and other organisations (92 per cent) and actively
contributes to whole-of-government initiatives (91 per cent).

Effective legislation for national security challenges

In July 2015, the Parliamentary Joint Committee on Intelligence and Security published the
Australian Government’s response to its recommendations for telecommunications interception
law reform. The department consulted with Commonwealth, state and territory agencies
on priorities for reform, and commenced a range of policy reviews recommended by the
Committee.

The Counter-Terrorism Legislation Amendment Bill (No. 1) 2015 was introduced in the Senate in
November 2015. The Bill was a direct response to operational learnings identified from recent
counter-terrorism operations. The Bill lapsed following the proroguing of Parliament in April 2016.

The department also led discussions with the Quintet countries (United States, United Kingdom,
Canada, New Zealand, and Australia) on improving cross-border access to telecommunications
data.

In 2015–16 we continued these partnerships through the Trusted Information Sharing Network
(TISN), a secure, non-competitive environment where stakeholders work together to identify the
critical components of their networks, understand cross-sector dependencies and develop risk
management strategies.

The department’s Critical Infrastructure Programme for Modelling and Analysis, supported
the TISN by carrying out assessments in the water, electricity, health, and banking and finance
sectors.

We also work closely with the Department of Treasury and security agencies to support the
Government’s decisions on foreign involvement in critical infrastructure. In 2015–16 we assessed
94 foreign investment applications before the Foreign Investment Review Board.

Operating the Crisis Coordination Centre and National Security Hotline

The Australian Government Crisis Coordination Centre (CCC) operates 24 hours a day, 365
days per year to provide whole-of-government situational awareness and crisis coordination.
The centre collates and distributes information and warnings across the Government, state
governments and their agencies, TISN and non-government organisations. During 2015–16, the
centre monitored and reported on 964 unique incidents and distributed 2,067 incident-specific
notifications and updates. This was in addition to compiling and disseminating 1,460 routine
situational awareness products.

In 2015–16, the National Security Hotline (NSH) moved from operating as a stand-alone function
to being an integral element of the CCC. The NSH provides a single point of contact for the
public to report information on possible signs of terrorism, as well as providing information and
reassurance to the public regarding the national counter-terrorism arrangements. This year the
NSH received more than 26,500 contacts by telephone, email and text messages.

Reforms to protective security arrangements

Keeping the Government safe from the ‘trusted insider’ threat was the focus of a new taskforce
established in the department in August 2015. The taskforce is taking into account the personnel
security recommendations of the Independent Review of Whole-of-Government Internal
Regulation by Barbara Belcher (the Belcher Review). We also began reviewing the Protective
Security Policy Framework and broader protective security policy arrangements in collaboration
with stakeholders across government to respond to other recommendations of the Belcher
Review.

Implementing data-retention obligations

We worked with key agencies and the telecommunications industry to implement
data-retention obligations. Consistent with the Government’s goal of industry-wide
compliance by the end of the implementation phase in April 2017, we provided guidance to telecommunications service providers through the department’s hotline, email and face-to-face
meetings. Departmental representatives also participated in industry forums.

By 28 June 2016, the Office of the Communications Access Coordinator had recorded 911
interactions with industry on the data retention regime. The department actioned more than
98 per cent of these. We reviewed data-retention implementation plans and/or data-retention
exemption/variation applications from more than 330 service providers.

We also assisted Commonwealth, state and territory enforcement agencies with processes to
comply with new reporting and record-keeping requirements.

The department also developed regulations concerning the requirement for agencies to obtain a
warrant prior to authorising access to a journalist’s metadata to identify a source, supported the
appointment of new Public Interest Advocates and provided advice to agencies on compliance
requirements.

Implementing a National Facial Biometric Matching Capability

We continued to progress new face-matching services through the National Facial Biometric Matching Capability, announced by the Minister for Justice in September 2015. The services aim to improve agencies’ abilities to share and match facial images to detect and prevent the use of fraudulent identities, including by terrorists and organised crime.

This year the department:

completed the design and build of the central interoperability hub

undertook pilot activities with an initial set of Commonwealth agencies, ahead of the expected commencement of the face-matching services later in 2016

commissioned an independent privacy impact assessment on the design and operation
of the hub. The Minister released this in December 2015, and the department accepted all
recommendations, either in whole or in part.

continued work with the states and territories to enable their police and road agencies to
participate in this national initiative

continued pilot activities with the Northern Territory Department of Transport.

Operating the Computer Emergency Response Team

Through the national Computer Emergency Response Team (CERT Australia), the department
provides cyber-threat information and operational cyber-security support to create a more
secure digital economy.

CERT Australia enables information-sharing, security advice and incident reporting amongst
its domestic and international partners. At the domestic level, CERT Australia’s business
engagement efforts continued to flourish, with more than 500 partnerships in place by the end
of 2015–16. We facilitated 10 Regional Information Exchanges and three National Information
Exchanges throughout the year and responded to more than 14,445 incidents. We actively
participated in the development of the Australian Government Cyber Security Strategy.

In September 2015, CERT Australia was elected as the Chair of Asia–Pacific CERT (AP CERT)
through which we support and influence the development of stronger cyber-security across the
Asia–Pacific region.

Maintaining an effective counter-terrorism capability nationally

As part of the Australian Government’s appropriation to the department for 2015–16,
$11,463 million was provided to Australia–New Zealand Counter-Terrorism Committee to support
the ongoing development and maintenance of Australia’s national counter-terrorism capability.
A further $1.071 million was provided for counter-terrorism drill-style exercises and consumables.

Working with partner countries to counter terrorism

The establishment of the Australia–Indonesia Ministerial Council on Law and Security was a key
achievement during 2015–16. The inaugural meeting, led by the Attorney-General and Minister
for Justice, was held in Jakarta in December 2015 and the second meeting in Sydney in June
2016. This forum reinforces the strong relationships of our law, justice and security agencies to counter contemporary threats, including terrorism and enhance cyber–security.

The department continued to engage with law and justice agencies from key partner countries
in the Indo–Pacific and Middle East to strengthen legal frameworks to counter terrorism. This
work included supporting enhanced international crime cooperation to obtain and use foreign
evidence in terrorism prosecutions and sharing information on our legislation, countering
violent extremism programmes and interagency collaboration.

Countering violent extremism

The Countering Violent Extremism (CVE) Centre drives policy and programmes aimed at
reducing the risk of home-grown terrorism. Funding for the Challenging Terrorist Propaganda in
Australia Programme commenced in July 2015 ($21.7 million over four years). The CVE Centre:

established a social media insights team to deliver an ongoing research base to understand
violent extremist messaging and its impact on Australian society

implemented a national intervention programme designed to prevent and divert individuals
who are at risk of becoming (or already are) radicalised to violent extremism, through
individually tailored case management plans

delivered a training module to support identification of potential intervention cases through
leads assessment and triaging processes. More than 250 individuals were trained during
the year.

engaged with community groups and partners to raise public awareness via targeted
programmes.